Your privacy is important to us. This Privacy Policy explains how Mythamin collects, uses, discloses, and safeguards your information - including your quiz answers and any health-related data you choose to share - when you use our personalized vitamin service.

1. Information We Collect

We collect information that you provide directly to us:

Account information (name, email address)
Quiz answers about your energy, sleep, diet, lifestyle and health signals - used solely to compose your formula
Blood test results, if you choose a blood-based plan or upload them
Shipping address and delivery preferences
Payment information (processed securely via Stripe - we never store card numbers)
Communications you send to us

2. Health-Related Data

Your quiz answers and blood results may constitute health-related personal data under the GDPR. We process them only with your explicit consent, given when you submit the quiz or upload results, and only for composing and improving your personalized formula. You can withdraw consent and request deletion at any time, which stops personalization but not your basic account.

3. Automatically Collected Information

When you use our service, we automatically collect:

Device information (browser type, operating system)
Log data (IP address, access times, pages viewed)
Cookies and similar tracking technologies
Analytics data to improve our service

4. How We Use Your Information

We use the information we collect to:

Compose, mix and ship your personalized vitamin formula
Estimate likely nutrient gaps from your answers and show them to you
Tune your formula to blood results when you provide them
Process subscription payments and send billing information
Send service emails (account, shipping, formula updates)
Improve our formulation logic and service quality

5. Information Sharing

We do not sell your personal information, and we never share your health-related data for advertising. We may share information with:

Service providers who assist in our operations (e.g., Stripe for payments, shipping carriers for delivery)
Laboratory partners, only when you order a blood-based plan
Professional advisors (lawyers, accountants) when necessary
Law enforcement when required by law
Other parties in connection with a merger or acquisition

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, with additional safeguards for health-related data. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Quiz answers and blood results are deleted upon account deletion or on request. We will retain and use other information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

8. Your Rights

Under the GDPR and depending on your location, you have the right to:

Access the personal information we hold about you
Request correction of inaccurate information
Request deletion of your information ("right to be forgotten")
Object to processing of your information
Request data portability
Withdraw consent for health-data processing at any time
Lodge a complaint with your local data protection authority

9. Cookies

We use cookies and similar technologies to collect information and improve your experience. You can control cookies through your browser settings and our cookie banner, but disabling them may affect service functionality.

10. Third-Party Services

Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

11. Children's Privacy

Our service is not intended for children under 18. We do not knowingly collect personal information from children. If we become aware that we have collected such information, we will take steps to delete it.

12. International Transfers

Your information is processed within the European Economic Area where possible. Where a transfer outside the EEA occurs (e.g., some analytics providers), we ensure appropriate safeguards such as Standard Contractual Clauses are in place.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us through our support channels.